<?php

if (!defined('TOBBIVM'))
	header('location:/template/notrepassing.php');
/**
 * This file is part of TobbiVMShop.
 *
 * TobbiVMShop is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * TobbiVMShop is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with TobbiVMShop.  If not, see <http://www.gnu.org/licenses/>.
 */
/**
 * Verify userdata from registerform and
 * if ok then save in database (=new User) or display errors
 * get: category.tpl.php
 * used from category.page.php
 *
 * @version    $Id$
 * @package    TobbiVM-Shop
 * @copyright  Copyright (C) 2012
 * @author     Norbert Gebert
 * @license    GPL3
 */
$mysqlBuffer = array();

if (COMPANY > 0)
{
	if ((COMPANY === 1 and !empty($_POST['companyx'])) or COMPANY === 2)
	{
		$_POST['companyx'] = $refValidate->testText($_POST['companyx'],
			_('The Company name must consist only of letters.'), 1, 35);
		$mysqlBuffer['customer_company'] = $_POST['companyx'];
	}
}

if (FIRSTNAME > 0)
{
	if ((FIRSTNAME === 1 and !empty($_POST['firstnamex'])) or FIRSTNAME === 2)
	{
		$_POST['firstnamex'] = $refValidate->testText($_POST['firstnamex'],
			_('The first name must consist only of letters.'), 1, 35);
		$mysqlBuffer['customer_firstname'] = $_POST['firstnamex'];
	}
}
if (LASTNAME > 0)
{
	if ((LASTNAME === 1 and !empty($_POST['lastnamex'])) or LASTNAME === 2)
	{
		$_POST['lastnamex'] = $refValidate->testText($_POST['lastnamex'],
			_('The name must consist only of letters.'), 1, 35);
		$mysqlBuffer['customer_lastname'] = $_POST['lastnamex'];
	}
}

if (STREET > 0)
{
	if ((STREET === 1 and !empty($_POST['streetx'])) or STREET === 2)
	{
		$_POST['streetx'] = $refValidate->testText($_POST['streetx'],
			_('The street name must consist only of letters.'), 1, 35);
		$mysqlBuffer['customer_street'] = $_POST['streetx'];
	}
}

if (ZIP_CODE > 0)
{
	if ((ZIP_CODE === 1 and !empty($_POST['zipx'])) or ZIP_CODE === 2)
	{
		$_POST['zipx'] = $refValidate->testNumber($_POST['zipx'],
			_('The code may consist of only digits.'));
		$mysqlBuffer['customer_zip'] = $_POST['zipx'];
	}
}

if (CITY > 0)
{
	if ((CITY === 1 and !empty($_POST['cityx'])) or CITY === 2)
	{
		$_POST['cityx'] = $refValidate->testText($_POST['cityx'],
			_('The city name must consist only of letters.'), 1, 35);
		$mysqlBuffer['customer_city'] = $_POST['cityx'];
	}
}

if (COUNTRY > 0)
{
	if ((COUNTRY === 1 and !empty($_POST['countryx'])) or COUNTRY === 2)
	{
		$_POST['countryx'] = $refValidate->testText($_POST['countryx'],
			_('The country name must consist only of letters.'));
		$mysqlBuffer['customer_country'] = $_POST['countryx'];
	}
}

$_POST['statex'] = DEFAULT_STATE;

if (PHONE > 0)
{
	if ((PHONE === 1 and !empty($_POST['phonex'])) or PHONE === 2)
	{
		$_POST['phonex'] = $refValidate->testPhonenumber($_POST['phonex'],
			_('The phone number format is incorrect.'));
		$mysqlBuffer['customer_phone'] = $_POST['phonex'];
	}
}

if (FAX > 0)
{
	if ((FAX === 1 and !empty($_POST['faxx'])) or FAX === 2)
	{
		$_POST['faxx'] = $refValidate->testPhonenumber($_POST['faxx'],
			_('The fax number format is incorrect.'));
		$mysqlBuffer['customer_fax'] = $_POST['faxx'];
	}
}

if (MOBILE > 0)
{
	if ((MOBILE === 1 and !empty($_POST['handyx'])) or MOBILE === 2)
	{
		$_POST['handyx'] = $refValidate->testNumber($_POST['handyx'],
			_('The mobile number consist of only digits.'));
		$mysqlBuffer['customer_handy'] = $_POST['handyx'];
	}
}

if (EMAIL > 0)
{
	if ((EMAIL === 1 and !empty($_POST['emailx'])) or EMAIL === 2)
	{
		$_POST['emailx'] = $refValidate->testEmail($_POST['emailx'],
			_('The email format is incorrect.'));
		$mysqlBuffer['customer_email'] = $_POST['emailx'];
	}
}

$_POST['namex'] = $refValidate->testText($_POST['namex'],
	_('The username must consist only of letters.'));
db::getInstance()->where('customer_name', $_POST['namex']);
$result = db::getInstance()->getOne('customer');

if ($result <> NULL)
	message::setErrorRow(_('The username is already in use.'));

$psw = $refValidate->cleanslash($_POST['passwordx']);
if ($psw <> $_POST['passwordx'] or empty($_POST['passwordx']))
{
	message::setErrorRow(_('The password contains illegal characters or is empty.'));
	$_POST['passwordx'] = '';
}

if (message::ifErrorMessage())
{ // Error in Userdata
	message::setErrorRow(_('Please correct the problems listed:'), TRUE);
	$mysqlBuffer = NULL;

	$pagefile = 'module/register/register.new.php';
	if (is_file($pagefile))
		include_once($pagefile);
}
else
{
	$mysqlBuffer['customer_name'] = $_POST['namex'];
	$securex = random_string(10, true, true);
	$mysqlBuffer['customer_password'] = md5($_POST['passwordx'] . $securex);
	$mysqlBuffer['customer_secureid'] = $securex;
	$mysqlBuffer['customer_lastonline'] = date("Y-m-d H:i:s");
	$mysqlBuffer['customer_register'] = date("Y-m-d H:i:s");
	$mysqlBuffer['customer_ip'] = $_SERVER['REMOTE_ADDR'];
	$mysqlBuffer['customer_login'] = md5($_SERVER['REQUEST_TIME']);
	$mysqlBuffer['customer_errors'] = '0';
	$mysqlBuffer['customer_active'] = '1';
	$mysqlBuffer['customer_info'] = '.';


	// Update the database
	if (db::getInstance()->insert('customer', $mysqlBuffer))
	{
		$mysqlBuffer = NULL;
		$login = loginUser($_POST['namex'], $_POST['passwordx'], $refCart, $refValidate);

		// Sign in was correct
		if ($login)
			$update = updateUser($_POST['namex']);

		$pagefile = 'module/register/register.show.data.php';
		if (is_file($pagefile))
			include_once($pagefile);
	}
	else
	{
		// Error in Userdata
		message::setErrorRow(_('Userdata could not save!'), TRUE);
		message::setErrorRow(_('Please contact the administrator at'), FALSE);
		message::setErrorRow(ADMIN_EMAIL, FALSE);
		$mysqlBuffer = NULL;

		$pagefile = 'module/register/register.new.php';
		if (is_file($pagefile))
			include_once($pagefile);
	}
}
?>
